Security / Cryptography/PBKDF2
PBKDF2 is a key derivation function, used in the process of deriving encryption keys.
The main idea of PBKDF2 is repeatedly applying the input and the salt to a hash function like HMAC to produce a key, which can be used later on in subsequence operations.
Passwords managers like 1Password and Bitwarden use this function (in a combination of a much more complex scheme) with your Master Password to generate a symmetric key for encrypting and decrypting data in your vault.
The PBKDF2 function takes several input parameters and produces the derived key as output:
where:
is a pseudorandom function that produces an output length bits, for example, keyed HMAC. is the input password is a securely generated random bytes, minium 64 bits but 128 bits is recommended is the number of iterations of HMAC derivation. For example, in Bitwarden, it’s 100,001 iterations is the expected key length for the output, for example, 32 bytes (256 bits)
The iterations count is directly proportional to the time it takes for key derivation. The slower key derivation, the slower login time but the password is more secure against cracking attacks.
The
Each block
The function
Where each
The
It’s important to note that PBKDF2 is not resistant to GPU attacks for ASIC attacks (attacks using specialized hardware). For new systems, it’s recommended to use a more secure algorithm like Bcrypt, Scrypt, or Argon2 instead.
What’s next?
- https://bitwarden.com/help/bitwarden-security-white-paper/◹
- https://1passwordstatic.com/files/security/1password-white-paper.pdf◹